Off-Chain Privacy Enhancing Bitcoin UTXO Swaps With The SATSCARD
Coinkite recently came out with a new product called the SATSCARD. This NFC card is designed to work with your mobile phone and is a novel evolution on the Opendime, a USB device that acted a Bitcoin barer instrument.
Satscard also has many of the same properties as the Opendime, but is easier to use, quicker and make in person swaps functionally possible.
Coinkite are also the makers of Coldcard, the popular Bitcoin maxi hardware wallet of choice.
The Opendime is a fun device. Almost acting as a Bitcoin native gift card in practice, they allow for end users to gift Bitcoin or sell Bitcoin off-chain. While also doing this without the primary end user knowing the associated private key. AND allowing the secondary user to know with high confidence that the private key to the Bitcoin on the device is not yet revealed to either party.
This allows for off-chain swaps and trading of Bitcoin. But in practice, this device was mostly used for novelty and uncle Jim gifting for weddings and newborns. I imagine the main reason why the Opendime’s potential for off-chain trading wasn’t fully realized is because in field use of USB devices is not exactly UX friendly. Especially now that people are primarily relying on their mobile smart phones.
Functionally, primary and secondary users would have to carry around a laptop or USB adapter phone dongle to fully realize the Opendimes off-chain swap or trading potential. And maybe, that should still be the case going forward with some off-chain swap ideas. But there is a medium price tag to the Opendime, and it’s only unsealable once and which makes it a insecure device for reuse.
Enter the SATSCARD.
It has most of the same properties as the Opendime. It’s a high fidelity barer instrument, but has 10X more one-time-use private keys. When one of these private keys is first initialized by the primary end user, it remains hidden and unknown to that user, just like the Opendime. The end users are blind to the private key. But seeing to the public key attached to that private key. Thus they can deposit funds to this public address and at a future date reveal or unlock this private key to sweep the funds somewhere else.
In using such well manufactured devices, primary and secondary users may be able to have medium to high confidence in the Bitcoin balance of said devices, and that (THIS IS KEY) their private keys on the device have not yet been revealed to anyone. Which can enable some interesting behavior, as it implies off-chain Bitcoin transactions are viable.
However, for such activity to take place a good degree of confidence is given to: the devices themselves; the manufacturer; and the other party in the transaction. Trust does exist at some level in such arrangements.
With that said, some provably secure fun can still be had with small to medium amounts using Satscards for things like Bitcoiner autographs or off-chain Bitcoin privacy enhancing swaps.
Satscard coinswaps can be thought of as a kind of in person coinjoin, without any immediate on-chain activity. It can work like this: multiple people, deposit the same amount of sats to their own Satscard, say a million SATS each (ideally the same Satscard version is used by all), and they then meetup in person to do a swap of these cards. The more people who participate is such a swap, the better the potential privacy outcomes for all.
In my experience, these swaps can take less than a minute, but could go longer depending on how creative and large the group swap is. So what’s the functional UX verification flow of a swap?
With just a two man group it’s rather simple. You’d first use the nunchuck phone wallet to display the balance of your card to the other party, they would do the same. You’d then both physically swap possession of the cards, and recheck that card details using nunchuck to recheck that the balance is the same, and the private key on that card is still locked and blinded. Then you’re both done.
In addition, these same cards that were just swapped, could be reused in future swap events so long as their private keys remain locked on the device and blind to the end users.
But if the final custodial party of the Satscard really needs those Bitcoin somewhere else, they can always unlock the blind private key, and sweep the Bitcoin to somewhere else on chain. This also adds another privacy benefit heuristic, in that timing analysis, a favorite of parasitical companies like Chainalysis, may be defeated with such swaps.
For the record, I and someone else were the first people to try a off-chain swap using Satscards a week or so ago.
So we have effectively swapped Bitcoin UTXO’s off-chain in the wild already. This can be a privacy enhancing activity for some. It could be privacy damaging to others if they are not aware of the implications of swapping UTXO’s with potentially a tainted on-chain history.
There are a few caveats to doing such a swap party. Such cards probably could be spoofed eventually with a fake companion app (which is why it’s essential the receiving party verify the card with their own mobile phone software). Even then, it could be too late for an end user who has already swapped cards with someone who faked an app display for their spoofed card, as they could just start running as soon as the changing of hands of cards took place.
In which case, you could guard against this risk with some kind of third party in person escrow mechanism. Either a person, or even a mechanical device could be used for this escrow. But also, don’t do swaps for large amounts.
Therefore, only do Satscard coinswaps with people you trust. And secondly, you are trading UTXO’s here, so be aware that you could be accepting Bitcoin with a tainted on-chain history. The worst scenario I can think of for this is that you do a swap with a secret north Korean agent. When you then try to deposit the funds from this swap to a KYC exchange, the Bitcoin would be flagged and potentially seized.
So have fun with this, but keep the Bitcoin in swaps like this KYC free both up and down stream, and do it with people you generally trust.
In any case, my hope is that such interesting devices as the Opendime and Satscard will one day usher in the golden era of provably secure off-chain Bitcoin transactions and swaps.
The implications for Bitcoin privacy and overall transaction scalability are significant.
